@hoppscotch/cli@0.6.0 vulnerabilities
A CLI to run Hoppscotch test scripts in CI environments.
-
latest version
0.8.0
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
a month ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @hoppscotch/cli package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@hoppscotch/cli is an A CLI to run Hoppscotch test scripts in CI environments. Affected versions of this package are vulnerable to Arbitrary Command Injection due to the improper handling of user-supplied input in the Note This is only exploitable if the victim downloads and runs a malicious Hoppscotch collection with the CLI tool. How to fix Arbitrary Command Injection? Upgrade |
<0.8.0
|